Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
File: 3keU2fyrI-wF3d1QSKP8cgQAKio.mft (raw, json)
Hash identifier: EY3HtpPZI+rrutyV3KtesFKBoMiaQXj8Vwt40Hw0Iwo=
Subject key identifier: 58:62:02:4F:BA:83:C8:ED:B1:31:61:EC:79:F4:2E:B0:23:E0:C8:18
Authority key identifier: DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
Certificate issuer: /CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Certificate serial: 019D3977DBB53E904B2995258962A0DED6EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
Manifest number: 11BF
Signing time: Sun 29 Mar 2026 12:00:49 +0000
Manifest this update: Sun 29 Mar 2026 12:00:49 +0000
Manifest next update: Mon 30 Mar 2026 12:00:49 +0000
Files and hashes: 1: 3keU2fyrI-wF3d1QSKP8cgQAKio.crl (hash: Vb+PMU0WPNw631jv2T/RUa1Uq5QVzOGdmtuHcBJ5S9g=)
2: kZWW_ntfYvdgmDKHXouZXpr8UMU.roa (hash: pybDSm/TxiDymAX06iB+SSYkpRn7EWk4DKtBzvh17SE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:db:b5:3e:90:4b:29:95:25:89:62:a0:de:d6:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Validity
Not Before: Mar 29 12:00:49 2026 GMT
Not After : Mar 30 12:00:49 2026 GMT
Subject: CN=5862024fba83c8edb13161ec79f42eb023e0c818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:73:48:48:db:15:30:58:6e:eb:3d:1a:f6:46:
f2:97:5a:ab:d2:93:a3:e9:5a:e7:f6:32:b0:c4:ad:
e9:fd:b1:8d:13:7f:77:a2:f8:1a:04:b1:e6:29:7e:
d8:27:7f:e0:c1:da:61:f6:44:3c:ae:bf:31:f9:c4:
d1:97:67:d1:99:ce:50:a7:59:27:49:70:2a:b0:f9:
98:95:26:e8:f2:22:29:82:63:64:c6:1c:89:38:e4:
4a:f4:92:15:40:13:0c:8e:45:48:9f:16:99:7c:1f:
9a:2a:93:b2:de:9a:61:55:03:68:85:1b:89:9e:b4:
08:d0:07:66:27:73:88:df:fa:d9:34:15:fc:e1:89:
b9:e1:d1:59:7e:b3:08:dc:e9:ea:4c:7a:99:04:c5:
1e:3c:ad:2c:5d:ea:61:12:73:0b:d4:2c:50:f6:1b:
18:41:b6:75:9b:39:15:d4:54:09:fd:b9:f9:71:c7:
b9:f8:50:d2:49:d7:02:6a:27:85:a4:7b:59:5f:25:
e6:32:64:f2:a0:40:89:76:6e:de:d5:f7:21:ef:27:
a3:6b:c8:e5:d5:f8:f0:a5:3a:f1:d0:9e:23:ac:98:
38:32:74:2a:aa:e0:1a:91:88:b7:bc:8b:6e:1d:a3:
84:9a:61:27:fd:f1:df:ad:a6:95:35:e5:f7:2a:d8:
bf:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:62:02:4F:BA:83:C8:ED:B1:31:61:EC:79:F4:2E:B0:23:E0:C8:18
X509v3 Authority Key Identifier:
keyid:DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:6a:ad:f7:71:2d:b8:4a:ba:6a:70:60:91:2a:5f:09:ed:7c:
ba:54:ae:0e:09:fb:c8:53:a1:27:99:94:64:91:38:10:17:d0:
b0:c7:71:05:b3:65:36:f4:09:9f:2e:2d:e8:b5:64:43:4b:a8:
39:15:f5:23:7f:85:63:f5:88:20:3a:65:ba:7c:bd:48:cf:79:
c0:d2:33:ea:c0:1d:12:15:71:a2:77:c2:f3:40:54:7b:83:5b:
ff:2a:39:6e:b2:cc:45:12:33:0e:2c:e4:c4:b4:0b:9b:28:a4:
09:e7:83:d1:af:27:8f:ae:c6:b6:38:a1:ca:6b:83:dc:c0:d0:
9a:e8:ca:ca:55:16:57:b9:28:57:8e:79:a6:b6:5e:f9:28:96:
99:e9:bf:98:63:58:e2:f8:17:b3:b3:95:cd:f7:98:2d:13:01:
8f:39:71:28:7e:33:bb:ee:b1:fd:03:88:92:d7:8e:94:e7:a1:
11:0b:35:65:85:d1:2e:d8:3b:92:bf:5c:a5:8e:9f:be:d5:44:
e1:09:dd:b3:dc:18:93:c3:ef:b1:08:76:cb:4f:1b:cc:71:5d:
b0:61:f7:44:90:69:90:0c:46:70:e9:68:10:bd:67:50:19:e6:
b9:26:fd:a8:54:ea:89:07:88:bf:08:9b:dd:fb:75:36:5c:70:
31:2e:9a:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d9u1PpBLKZUliWKg3tbrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDc5NGQ5ZmNhYjIzZWMwNWRkZGQ1MDQ4YTNmYzcyMDQw
MDJhMmEwHhcNMjYwMzI5MTIwMDQ5WhcNMjYwMzMwMTIwMDQ5WjAzMTEwLwYDVQQD
Eyg1ODYyMDI0ZmJhODNjOGVkYjEzMTYxZWM3OWY0MmViMDIzZTBjODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3NISNsVMFhu6z0a9kbyl1qr0pOj
6Vrn9jKwxK3p/bGNE393ovgaBLHmKX7YJ3/gwdph9kQ8rr8x+cTRl2fRmc5Qp1kn
SXAqsPmYlSbo8iIpgmNkxhyJOORK9JIVQBMMjkVInxaZfB+aKpOy3pphVQNohRuJ
nrQI0AdmJ3OI3/rZNBX84Ym54dFZfrMI3OnqTHqZBMUePK0sXephEnML1CxQ9hsY
QbZ1mzkV1FQJ/bn5cce5+FDSSdcCaieFpHtZXyXmMmTyoECJdm7e1fch7yeja8jl
1fjwpTrx0J4jrJg4MnQqquAakYi3vItuHaOEmmEn/fHfraaVNeX3Kti/+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhiAk+6g8jtsTFh7Hn0LrAj4MgYMB8GA1UdIwQY
MBaAFN5HlNn8qyPsBd3dUEij/HIEACoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDIt
ZjAxMTI5Mzk1M2Y1LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDItZjAxMTI5Mzk1M2Y1
LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXmqt93Et
uEq6anBgkSpfCe18ulSuDgn7yFOhJ5mUZJE4EBfQsMdxBbNlNvQJny4t6LVkQ0uo
ORX1I3+FY/WIIDpluny9SM95wNIz6sAdEhVxonfC80BUe4Nb/yo5brLMRRIzDizk
xLQLmyikCeeD0a8nj67GtjihymuD3MDQmujKylUWV7koV455prZe+SiWmem/mGNY
4vgXs7OVzfeYLRMBjzlxKH4zu+6x/QOIkteOlOehEQs1ZYXRLtg7kr9cpY6fvtVE
4Qnds9wYk8PvsQh2y08bzHFdsGH3RJBpkAxGcOloEL1nUBnmuSb9qFTqiQeIvwib
3ft1NlxwMS6aqg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:26 2026 by rpki-client